ln-647-env-config-auditor

Fail

Audited by Snyk on May 6, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The auditor reads .env/.env.example files and code defaults, and its desync check explicitly formats and reports default values (format_defaults), so it may include secret values verbatim in its findings, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch missing reference files via WebFetch from the public URL https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} and marks several of those shared/reference files as MANDATORY READ. Publicly hosted third-party content (raw GitHub files) is therefore ingested and used to drive the detection patterns, checks, and scoring that materially affect the agent's decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly says to WebFetch missing shared/reference files at runtime from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, and those "MANDATORY READ" reference files directly control detection rules, scoring, and report templates (i.e., the agent's instructions and behavior). This makes the URL a required remote runtime dependency that can alter prompts and behavior.

Issues (3)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

  • Risk Level: HIGH
  • Analyzed: May 6, 2026, 10:02 PM
  • Issues: 3